Step-by-Step Guide to AWS Systems Manager (On-Premises Instances) – Part 2


In my previous post I showed you how to get an Amazon EC2 instance to report into AWS Systems Manager. In this blog post I'll go through how you can get an on-premises instance, be it physical or virtual, to report into AWS Systems Manager as well.

Create the IAM Role to enable access for Hybrid Environments

  • Create a text file named ‘SSMService-Trust.json’ with the following trust policy. Save the file with the ‘.json’ file extension.

[Screenshot: SSM-IAM-1]

  • Use the create-role command to create the service role.

[Screenshot: SSM-IAM-2]

  • Use attach-role-policy as follows to enable the SSMServiceRole to create a session token. The session token gives your managed instance permission to run commands using Systems Manager.

[Screenshot: SSM-IAM-3]
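The three role-setup steps above as one script (an added example, not the original post's commands). The role name and file name come from the post; the account ID and Region arguments, the `Condition` block that limits which account and Region can use the role, and the `AmazonSSMManagedInstanceCore` managed policy are assumptions.

```bash
#!/usr/bin/env bash
# Added example: IAM service role for Systems Manager hybrid activations.
set -e

ROLE_NAME="SSMServiceRole"            # role name used in this post
TRUST_FILE="SSMService-Trust.json"    # file name used in this post
# Assumption: AWS managed policy granting core SSM Agent permissions.
POLICY_ARN="arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"

# Write a trust policy that lets only the SSM service assume the role, and
# only on behalf of one account and Region (confused-deputy protection).
write_trust_policy() {
  account_id="$1"; region="$2"; out="$3"
  # Reject anything that is not a 12-digit account ID or a plain Region name,
  # so nothing unexpected is interpolated into the JSON document.
  case "$account_id" in ""|*[!0-9]*) echo "bad account id" >&2; return 1;; esac
  [ "${#account_id}" -eq 12 ] || { echo "bad account id" >&2; return 1; }
  case "$region" in ""|*[!a-z0-9-]*) echo "bad region" >&2; return 1;; esac
  cat > "$out" <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "Service": "ssm.amazonaws.com" },
      "Action": "sts:AssumeRole",
      "Condition": {
        "StringEquals": { "aws:SourceAccount": "${account_id}" },
        "ArnEquals": { "aws:SourceArn": "arn:aws:ssm:${region}:${account_id}:*" }
      }
    }
  ]
}
EOF
}

# Create the role from the trust policy, then attach the permissions policy.
create_service_role() {
  aws iam create-role --role-name "$ROLE_NAME" \
    --assume-role-policy-document "file://$1"
  aws iam attach-role-policy --role-name "$ROLE_NAME" --policy-arn "$POLICY_ARN"
}

# Calls AWS only when asked: ./ssm-role.sh apply <account-id> <region>
if [ "${1:-}" = "apply" ]; then
  write_trust_policy "$2" "$3" "$TRUST_FILE"
  create_service_role "$TRUST_FILE"
fi
```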

Install the AWS Tools for Windows PowerShell

  • Download the latest version of the AWS Tools for Windows PowerShell:

http://sdk-for-net.amazonwebservices.com/latest/AWSToolsAndSDKForNet.msi.

  • Run the AWSToolsAndSDKForNet.msi as Administrator
  • Open PowerShell and run the following command:

[Screenshot: Install-PowerShell-Module]

Create a Managed-Instance Activation within AWS System State Manager

  • On a machine where you have installed AWS Tools for Windows PowerShell, run the following command in AWS Tools for Windows PowerShell.

[Screenshot: SSM-Activation]

  • Press Enter.

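If the activation is successful, the system returns an Activation Code and an Activation ID, as shown in the screenshot below.

[Screenshot: SSM-Activation-Output]

Store the Activation Code and Activation ID in a safe place; they are the values used to register a server or VM with Systems Manager in the steps that follow.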

Install the SSM Agent on an On-Premises Linux Server

  • Log on to a server or VM in your hybrid environment.
  • Copy and paste the following command blocks into SSH. Replace the placeholder values with the Activation Code and Activation ID generated when you create a managed-instance activation, and with the identifier of the AWS Region you want to download the SSM Agent from. Note that sudo is not necessary if you are a root user.

[Screenshot: Install-SSM-Linux]

  • Press Enter.

The command downloads and installs the SSM Agent onto the server or VM in your hybrid environment. The command stops the SSM Agent, and then registers the server or VM with the SSM service. The server or VM is now a managed instance.

Install the SSM Agent on an On-Premises Microsoft Windows Server

  • Log on to a server or VM in your hybrid environment.
  • Open Windows PowerShell.
  • Copy and paste the following command block into AWS Tools for Windows PowerShell. Replace the placeholder values with the Activation Code and Activation ID generated when you create a managed-instance activation, and with the identifier of the AWS Region you want to download the SSM Agent from.

[Screenshot: PowerShell]

  • Press Enter.

The command does the following:

  • Downloads and installs the SSM Agent onto the server or VM.
  • Registers the server or VM with the SSM service.
  • Returns a response to the request like the following:

[Screenshot: PowerShell-Output]

Review within AWS Systems Manager

  • Log in to the AWS Management Console
  • Navigate to Systems Manager
  • Click Managed Instances

If the on-premises instance has registered successfully, you should see it listed as shown below:

[Screenshot: AWSSytemsManager-Hybrid-Output]
